AMENDMENT UNDER 37 C.F.R. § El 1 1 Docket No. Q64528 

Application No. 09/854,666 

AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the 

application: 

LISTING OF CLAIMS: 

1 . (currently amended): An identification system comprising: 

a plurality of end terminals, e ach of th e e nd terminals tran s mi t ting a transaction requ es t 
mess a g e containing b i ometrics data of a user and a user identifier of said u s er to a 
communications network ; 

at least one a plurality of electronic commerce service provider (ECSP) unit s, wherein 
each one of the plurality of ECSP units for receiving said receives a transaction request message 
containing ciphered biometrics data of a user and a user identifier of said user transmitted from 
the plurality of end terminals via said- a communications network and transmitting for each 
received transaction request message, one of the plurality of ECSP units transmits an 
authentication request message containing said ciphered biometrics data and said user identifier 
to said network; and 

an authentication server having comp rising a database for mapping a plurality of 
registered biometrics data to a plurality of corresponding registered user identifiers, wherein the 
authentication server receiving receives the authentication request message s from the p lurality of 
ECSP units via said network, comparing and for each of the received authentication request 
messages, the authentication server decipheres t he ci phered biometrics data and compares the 
re ceiv e d deciphered biometrics data to one of the registered biometrics data which is mapped in 
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said database to the user identifier contained in sakl-the received authentication request message 
and r e tu rning returns a reply to said- the plurality of ECSP units via said network indicating that 
said transaction request message is authenticated if the received biometrics data coincides with 
said mapped biometrics data. 

2. (canceled). 

3. (currently amended): The identification system of claim 1, wherein sai4-each one 
of the plurality of ECSP units includes a conversion table for mapping a first plurality of user 
identifiers to a second plurality of user identifiers, wherein said first plurality of user identifiers 
are used by said plurality of end terminals and said second plurality of user identifiers are the 
user identifiers registered in said database, saM- each one of the plurality of ECSP units 
c o n ver ti ng converts the user identifier contained in the received transaction request message to 
one of the second plurality of user identifiers which is mapped to the received user identifier and 
tran smittin g transmits said authentication request message containing the converted user 
identifier. 



3 



AMENDMENT UNDER 37 C.F.R. § 1.111 Docket No. Q64528 

Application No. 09/854,666 

4. (currently amended): The identification system of claim 1, wherein each of said 
end terminals is configured to cipher th e generate said ciphered biometrics data with a secret key 
generated by a variable secret key generator which generates secret keys which vary with time, 
the generated secret key being agreed-upon with said authentication server. 

5. (currently amended): The identification system of claim 4. wherein said variable 
secret key generator is located at said authentication server and wherein each of said end 
terminals is configured to transmit a key request message to said authentication server via said 
plurality of ECSP units^ to receive said secret key from the secret key generator, and to_ciphermg 
the-a_biometrics data with the received secret key before said transaction request message is 
transmitted. 

6. (original): The identification system of claim 5, wherein said authentication server 
comprises a variable secret key generator which generates a secret key which varies with time , 
and a decryption unit for deciphering the received ciphered biometrics data by using the secret 
key generated by said secret key generator. 

7. (original): The identification system of claim 1, wherein each of said end 
terminals comprises a user terminal exclusively owned by said user. 
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8. (currently amended): The identification system of claim 1, wherein each of said 
end terminals comprises a sales terminal to which a plurality of user's handheld personal units 
can be connected, wherein said sales terminal transparently transmits a transaction request 
messaged received from each of the personal units to said plurality of ECSP units. 

9. (original): The identification system of claim 1, wherein said biometrics data of 
said user is a fingerprint of said user. 

10. (original): The identification system of claim 1, wherein said biometrics data of 
said user is an extracted feature of a fingerprint of said user. 

1 1 . (currently amended): An identification system comprising: 

a plurality of end terminals r e spectively id e ntified by user identifi e rs, each - of the end 
t erminals tr a n s m it ti n g a tra nsaction r equest messag e cont aining- bi ometrics data of a- u se r t o a 

at l e ast one a plurality of electronic commerce service provider (ECSP) unit s, wherein 
each one o f the plurality of ECSP units for rec e iving said receives a transaction request message 
containing ci phered biometrics data of a user and a user identifier of said user transmitted from 
the p lural ity of end terminals via said- a communications network and transmittin g- for each 
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received transactio n re quest message, one of the plurality of ECSP units transmits an 
authentication request message containing said ciphered biometrics data to said network; and 

an authentication server h aving comp rising a database for mapping a plurality of 
registered biometrics data to a plurality of corresponding registered user identifiers, wherein the 
authentication server receiving receives the authentication request message s from the plurality of 
ECSP units via said network, comparing and for each of the received authentication request 
message s, the authentication server deciphers the ciphered biometrics data and compares the 
receiv e d deciphered biometrics data to all of the registered biometrics data in said database, 
d e t e cting detects the user identifier mapped to the registered biometrics data which coincides 
with the received decip hered biometrics data, and returning returns a reply to sak hhe plurality of 
ECSP units via said network indicating that a user identified by the detected user identifier is 
authenticated. 

12. (canceled). 

13. (currently amended): The identification system of claim [[12]] ]_]_. wherein each 
of said end terminals is configured to cipher the generate said ciphered biometrics data with a 
secret key generated by a variable secret key generator which generates secret keys which vary 
with time, the generated secret key being agreed-upon with said authentication server. 
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14. (currently amended): The identification system of claim 13. wherein said variable 

secret key generator is located at said authentication server and wherein each of said end 

terminals is configured to transmit a key request message to said authentication server via said 

plurality of ECSP units to receive said secret key from the secret key generator, and to cipheriftg 

the-aJ)iometrics data with the received secret key before said transaction request message is 

transmitted. 

1 5. (original): The identification system of claim 14, wherein said authentication 
server comprises a variable secret key generator which generates a secret key which varies with 
time, and a decryption unit for deciphering the received ciphered biometrics data by using the 
secret key generated by said variable secret key generator. 

16. (currently amended): The identification system of claim [[12]] J_L wherein each 
of said end terminals comprises a user terminal exclusively owned by said user. 

1 7. (currently amended): The identification system of claim [[12]] JJL wherein each 
of said end terminals comprises a sales terminal to which a plurality of user's handheld personal 
units can be connected, wherein said sales terminal transparently transmits a transaction request 
messaged received from each of the personal units to said plurality of ECSP units. 
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1 8. (original): The identification system of claim [[12]] wherein said biometrics 
data of said user is a fingerprint of said user. 

19. (original): The identification system of claim [[12]] U_, wherein said biometrics 
data of said user is an extracted feature of a fingerprint of said user. 

20. (currently amended): An identification method comprising the steps of: 

a) transmitting, from afl- a plurality of end terminals, a-transaction request messages, 
containing ciphered biometrics data of a user to a communications network; 

b) receiving, at aft- each one of a plurality of electronic commerce service providers, 
said- one of the transaction request messages via said network; 

c j for each re ceived t ransaction request messag e, transmitting . from th e elec tr o n i c 
c omm e r ce servi c e provid e r, an authentication request message containing said ciphered 
biometrics data from one of the plurality of electronic commerce service provider units to said 
network: 

d) receiving said authentication request messages via said network at a user 
authenticator having a database for storing a plurality of registered biometrics data and 
deciphering the ciphered biometrics data contained in the received authentication request 
messages: 
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e) for each of the rece ived auth entication request messages, determining whether the 

r e c e ived decip hered biometrics data has corresponding biometrics data in said database: and 

t) tor each o f the received auth entication request m essages, returning a reply from 
said user authenticator to said plurality of electronic commerce service providers via said 
network indicating that said transaction request message is authenticated if the r e c e iv e d 
deciphered biometrics data coincides with one of the registered biometrics data of the database. 

21. (canceled). 

22. (currently amended): An identification method comprising the steps of: 

a) transmitting, from an-a plurality of end terminals^-a transaction request messages. 
each transaction request message containing ciphered biometrics data of a user and a user 
identifier of said user to a communications network; 

bj receiving, at aft- each one of a plurality of electronic commerce service providers. 
one of said transaction request messages via said network; 

c) for each of the received transaction request messages, transmitting , f ro m t h e 
electroni c- commerce - s e rvic e provider, an authentication request message containing said 
ciphered biometrics data and said user identifier from one of the plurality of electronic commerce 
service provider unit s to said network; 
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d) receiving said authentication request messages at a user authenticator via said 
network, the authenticator having a database in which a plurality of registered biometrics data 
are mapped to a plurality of corresponding registered user identifiers and deciphering the 
ci phered biometrics data contained in the received authentication r equest messages; 

e) for each of the received authentication request messages, comparing the receive d 
deci phered biometrics data to one of the registered biometrics data which is mapped in said 
database to the user identifier contained in said authentication request message; and 

0 for each of the received authentication req uest messages, returning, from the user 
authenticator, a reply to said plurality of electronic commerce service providers via said network 
indicating that said transaction request message is authenticated if the received biometrics data 
coincides with said mapped biometrics data. 

23. (currently amended); The identification method of claim 22, wherein the user 
identifiers stored in said database are different from the user identifiers of said end terminals, 
further comprising converting, at satd- each one of the plurality of electr onic com m erce service 
providers, the user identifier contained in the received transaction request message to a second 
user identifier which is contained in said authentication request message as the first-mentioned 
user identifier. 

24. (canceled). 
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25. (currently amended): The identification method of claim [[24]] 22, wherein the-a 
biometrics data contained in the transaction request message is ciphered by using a secret key 
which varies with time and agrees with the secret key with which the ciphered biometrics data is 
deciphered at said user authenticator. 

26. (currently amended): An identification method comprising the steps of: 

a) transmitting, from afi- a plurality of end terminals,-a transaction request messages, 
each transaction req uest message containing ciphered biometrics data of a user to a 
communications network; 

b) receiving, at aft-each one of a plurality of electronic commerce service providers, 
one of said transaction request message via said network; 

c ) for each o f the received tran saction request messages, transmitting, from said 
se rv i ce p r o vid er ,-an authentication request message containing said ci phered biometrics data 
from one of the plurality of electronic commerce serv ice providers to said network: 

d) receiving, at a user authenticator having a database in which a plurality of 
registered biometrics data are mapped to a plurality of corresponding registered user identifiers, 
said authentication request messages via said network and deciph erin g the ciphered biometrics 
data contained in th e received authent ication request messages ; 
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c) for each of the received authe ntication re quest messages, comparing the received 

deci phered biometrics data to all of the registered biometrics data in said database to detect 

coincidence; 

1) for each of the received authentication re quest messages, detecting the user 
identifier mapped to the biometrics data which coincides with the receive d deciphered biometrics 
data; and 

g) for e ach of the received authe ntication re quest messages, returning a reply from 
the user authenticator to said plurality of electronic commerce service providers v ia said network 
indicating that said user having the detected user identifier is authenticated. 

27. (canceled). 

28. (currently amended): An identification system comprising: 

a plurality of end terminals, each of th e e nd terminals transmitting to a communications 
n et w ork a re gis t ra t i o n r eques t m e ssage and a tra n sa ctio n request m e ssage, each -of-sa id me s sages 
c o n tai ni n g bi omet ric s data of a user an d a user i dentifie r of said user ; 

at l e a s t o ne a p lurality of electronic commerce service provider (ECSP) unit s, wherein 

each one of the plurality of ECSP units receives a for recei ving said registration request message 

containin g ci phered biometrics data of a user and a user identifier o f said user transmi tted from 

the plurality of end te rminals via said- a communications network , retransmits t o re tr an smi t ti n g 
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the registration request message to said network, and r e ceiving receives a said-transaction request 
message containing said ciphered biometrics data and user identifier transmitted from the 
plurality of end terminals via said network^ and transmitting for each received transaction request 
message, transmits an authentication request message containing said biometrics data and said 
user identifier to said network; and 

an authentication server for receiving said registration request messages from said 
plurality of ECSP units via said network, mapping in a database a plurality of biometrics data 
contained in a plurality of said registration request messages to a plurality of corresponding user 
identifiers contained in said registration request messages, the authentication server further 
receiving the authentication request message s from the plurality of ECSP units via said network. 
and for each of the received authentication request messages, the authentication server deciphers 
the ciphered biometrics data and compares comparing the rec e ived deciphered biometrics data to 
one of the biometrics data which is mapped in said database to the user identifier contained in 
sak khe received authentication request message and r e turning returns a reply to said the 
plurality of ECSP units via said network indicating that said transaction request message is 
authenticated if the received biometrics data coincides with said mapped biometrics data. 

29. (currently amended): An identification system comprising: 

a plurality of end terminals , each of the end t e rminals transmitting a registration request 
message c on t ain in g biometrics data of a user and a user identifier of the user to a 
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communication s network and transmitting a transaction request me s sage con tai ning said 
biom e trics data to the commun i cat i ons network ; 

at l e ast one a plurality of electronic commerce service provider (ECSP) unit s, wherein 
each one of the plurality of ECSP units receives a for rec e iving said registration request message 
containing ciphered biometrics data of a user and a user identifier of said user transmitted from 
the plurality of end terminals via sa4d- a communications network , retransmits to retransmitting 
the registration request message to said network^ and receiving receives a said-transaction request 
message containing said ciphered biometrics data transmitted from the plurality of end terminals 
via said network, and transmitting for each received transaction request message, transmits an 
authentication request message containing said ciphered biometrics data and said user identifier 
to said network; and 

an authentication server for receiving said registration request messages from said 
plurality of ECSP units via said network, mapping a plurality of biometrics data contained in a 
plurality of said registration request messages to a plurality of corresponding user identifiers 
contained in said registration request messages, the authentication server receiving the 
authentication request message s from the plurality of ECSP units via said network, and for each 
of the received authentication request messages, the authentication server decipheres the 
ciphered biometrics data and compares comparing the r e c e iv e d deciphered biometrics data to all 
of the biometrics data in said database, d e tecting detects the user identifier mapped to the 
biometrics data which coincides with the received biometrics data, and r e turning returns a reply 
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to said plurality of'ECSP units via said network indicating that a user identified by the detected 
user identifier is authenticated. 

30. (new): An authentication server comprising: 

a database for mapping a plurality of registered biometrics data to a plurality of 
corresponding registered user identifiers; 

an interlace unit for receiving authentication request messages from a plurality of 
electronic commerce service provider (ECSP) units via a network, each authentication request 
message containing biometrics data of a user and a user identifier of said user; and 

a processor, wherein for each of the received authentication request messages, the 
processor compares the received biometrics data to one of the registered biometrics data which is 
mapped in said database to the user identifier contained in the received authentication request 
message. 

wherein the interface unit returns a reply to the plurality of ECSP units via said network 
indicating that the transaction request message is authenticated if the received biometrics data 
coincides with the said mapped biometrics data, 

wherein each authentication request message corresponds to a transaction request 
message transmitted to one of the plurality of ECSP units from one of a plurality of user 
terminals via said network. 
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3 1 . (new): An authentication server comprising: 

a database for mapping a plurality of registered biometrics data to a plurality of 
corresponding registered user identifiers; 

an interface unit for receiving authentication request messages from a plurality of 
electronic commerce service provider (ECSP) units via a network, each authentication request 
message containing biometrics data of a user and a user identifier of said user: and 

a processor, wherein for each of the received authentication request messages, the 
processor compares the received biometrics data to all of the registered biometrics data in said 
database and detects the user identifier mapped to the biometrics data which coincides with the 
received biometrics data, 

wherein the interface unit returns a reply to the plurality of ECSP units via said network 
indicating that a user identified by the detected user identifier is authenticated. 

wherein each authentication request message corresponds to a transaction request 
message transmitted to one of the plurality of ECSP units from one of a plurality of user 
terminals via said network. 
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